15222 – Samba should use generate_nonce_buffer() not generate_random_buffer() for unique numbers

Bug 15222 - Samba should use generate_nonce_buffer() not generate_random_buffer() for unique numbers

Summary: Samba should use generate_nonce_buffer() not generate_random_buffer() for uni...

Status:	NEW

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	4.17.1
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Samba QA Contact
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-11-01 19:39 UTC by Andrew Bartlett
Modified:	2022-11-01 19:39 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andrew Bartlett 2022-11-01 19:39:04 UTC

Samba historically only had one way to generate random numbers, to avoid developers choosing a weak RNG accidentially it was safer to just generate good random number for everything, and we would often directly use /dev/urandom for that, or an RC4 stream from that.

Now we have GnuTLS and it has 3 levels of still very good random numbers, we should use generate_nonce_buffer() where we need a unique buffer (eg a GUID) not a key-strength buffer. 

It may not make a lot of difference in practice, but the main detail is that this uses GNUTLS_RND_NONCE, which works of a pool itself seeded from the GNUTLS_RND_RANDOM pool, so triggers less calls for system entropy.